Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 15 replies
  • Subscribers 1 subscriber
  • Views 7958 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Autoupdate failed and insufficient rights to do anything with Sophos

kiril982

Hi Sophos team,

I had to register as I have annoying problem with Sophos. The most I got from my IT admin (who is in Denmark while I am on a stay in China) is to uninstall it and instal something else. While that's the last option. I will give a last try to ask you.

I neither have the rights to manipulate with Sophos properly (it says "insufficient right"), nor the autoupdate funtion works. This is all from today when I tried to delete a virus or whatever was it from usb, and I noticed the first one. Once I tried to fix using your (increadibly confusing and overloaded) forums, the auto-update stoped working as well. Its a bit annoying and I got a bit frustrated.

1. I have tried to fix the "sufficient rights" issue by following your posted procedure i.e. updating the SID numbers using the SophosLocalGroups.txt file but it didn't work. I also downloaded some file, and than copied it in the indicated lcoation and run it (which was suppose to automatically updade the SIDS) but it was waste of time in both reading and doing it.

2. I have tried to fix the auto-update issue, i even don't remember what I did, but i stoped the Sophos virus protection and did what was written in your post and activated it again. It didn't work.

Is there any solution except spending hours and trying to understand what SID and DSN settings are or?

Thanks a lot,

Kiril

p.s. for the record, when I start up my pc, the notification appears with "Sophos Endpoing Secirity and Control updater has faild to download", and in the update log the following appears (the other updates seem to work properly- as it says in the log):

Time: 23-07-2012 23:37:14
Message: Could not connect to the server. Check that this computer is connected to the network and that Sophos AutoUpdate is configured to update from the correct location with the correct credentials and proxy details (if required)
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:13
Message: Downloading product Sophos AutoUpdate from server \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:11
Message: Could not add a connection to server \\SOFUS\SophosUpdate; user djf\sophos; Windows error 53
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:09
Message: Could not connect to the server. Check that this computer is connected to the network and that Sophos AutoUpdate is configured to update from the correct location with the correct credentials and proxy details (if required)
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:08
Message: Downloading product SAVXP from server \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:06
Message: Could not add a connection to server \\SOFUS\SophosUpdate; user djf\sophos; Windows error 53
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:04
Message: Could not connect to the server. Check that this computer is connected to the network and that Sophos AutoUpdate is configured to update from the correct location with the correct credentials and proxy details (if required)
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:03
Message: Downloading product RMSNT from server \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:01
Message: Could not add a connection to server \\SOFUS\SophosUpdate; user djf\sophos; Windows error 53
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:36:38
Message: *************** Sophos AutoUpdate started ***************
Module: ALUpdate
Process ID: 4808
Thread ID: 4412

:27249


This thread was automatically locked due to age.
  • 0

    Hello Kiril,

    I see. Although it still doesn't explain everything. Just to be sure, could you check the AutoUpdate log for the apparently successful update (I'd like to know - out of curiosity, it's none of my business - whether it indeed updated from SOFUS)?

    As for 9.5.6 VDL 4.77G - this happens to be the 9.5 Extended Maintenance Oldest, might be that it (or 4.77G fixed) was deliberately set by your admin.

    Christian

    :27333
  • 0

    Hi Christian,

    I assessed the lates log file, and its very long, and here is an extraction from the end regarding CID (I hope this is the info you are interested in):

    Trace(2012-Jul-25 19:03:17): CIDUpdate(Info): \\SOFUS\SophosUpdate, djf\sophos, 53
    Trace(2012-Jul-25 19:03:20): File escdp.dat not found. Return code 0x80040f04
    Trace(2012-Jul-25 19:03:20): Could not read master upd file: error 0x80040f04
    Trace(2012-Jul-25 19:03:21): Error -2147217660 in ReadCustomerIDFile
    Trace(2012-Jul-25 19:03:21): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Calling SyncProduct with {9BF40A4E-23AE-48be-9974-5A1F261DBEE8}
    Trace(2012-Jul-25 19:03:21): CIDUpdateLocation::SyncProduct - Updating Product: Sophos AutoUpdate
    Trace(2012-Jul-25 19:03:21): CIDUpdate(SyncProduct.Start): Sophos AutoUpdate, \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\
    Trace(2012-Jul-25 19:03:21): CIDUpdateLocation::Sync - Updating from local CID: \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\sau
    Trace(2012-Jul-25 19:03:21): CIDSync(CidSyncMessage):
    Trace(2012-Jul-25 19:03:23): CIDSyncCallback, SynchronisationTerminated - Code = -2147024809
    Trace(2012-Jul-25 19:03:23): CIDSyncCallback, SynchronisationTerminated - MapFile = C:\ProgramData\Sophos\AutoUpdate\cache\sau.map
    Trace(2012-Jul-25 19:03:23): CIDSync(CidSyncMessage): \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\sau,
    Trace(2012-Jul-25 19:03:23): CIDUpdateLocation::SyncProduct: Failed to update product (Sophos AutoUpdate) from "\\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\", Error is :CIDSYNC_E_SRCNOTFOUND (Source not found.)
    Trace(2012-Jul-25 19:03:23): CIDUpdate(CIDDownloadFailed):
    Trace(2012-Jul-25 19:03:24): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, SyncProduct returned - 0
    Trace(2012-Jul-25 19:03:24): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Ended - 0
    Trace(2012-Jul-25 19:03:24): TrySyncProduct<class AutoUpdate::SDDSUpdateLocation>, Started:
    Trace(2012-Jul-25 19:03:24): TrySyncProduct<class AutoUpdate::SDDSUpdateLocation>, creating update location
    Trace(2012-Jul-25 19:03:24): Path to decode files to: C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\1343214204
    Trace(2012-Jul-25 19:03:24): Using top level catalogue sdds.esc95
    Trace(2012-Jul-25 19:03:24): SDDSUpdateLocation, constructor start
    Trace(2012-Jul-25 19:03:24): locConfig.m_server = \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\
    Trace(2012-Jul-25 19:03:24): Calling check on source.m_address.m_path = \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\
    Trace(2012-Jul-25 19:03:24): Calling package_source_init
    Trace(2012-Jul-25 19:03:24): Creating package source to represent parent
    Trace(2012-Jul-25 19:03:24): Create package source to represent local cache
    Trace(2012-Jul-25 19:03:24): SDDSUpdateLocation::Constructor finished
    Trace(2012-Jul-25 19:03:24): TrySyncProduct, Calling BeginSync
    Trace(2012-Jul-25 19:03:25): SDDSUpdateLocation caught exception from BeginSync: Couldn't create catalogue sdds.esc95 GetLastError returned 53
    Trace(2012-Jul-25 19:03:25): TrySyncProduct<class AutoUpdate::SDDSUpdateLocation>, Ended - 0
    Trace(2012-Jul-25 19:03:25): ALUpdate(ProductUnavailable): RMSNT, Sophos
    Trace(2012-Jul-25 19:03:25): UpdateLocationFacade::SyncProduct: Last Update Mechanism = SDDS
    Trace(2012-Jul-25 19:03:25): TrySyncProduct<class AutoUpdate::SDDSUpdateLocation>, Started:
    Trace(2012-Jul-25 19:03:25): TrySyncProduct<class AutoUpdate::SDDSUpdateLocation>, creating update location
    Trace(2012-Jul-25 19:03:25): Path to decode files to: C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\1343214205
    Trace(2012-Jul-25 19:03:25): Using top level catalogue sdds.esc95
    Trace(2012-Jul-25 19:03:25): SDDSUpdateLocation, constructor start
    Trace(2012-Jul-25 19:03:25): locConfig.m_server = Sophos
    Trace(2012-Jul-25 19:03:25): Calling check on source.m_address.m_path = Sophos
    Trace(2012-Jul-25 19:03:25): Calling package_source_init
    Trace(2012-Jul-25 19:03:25): Creating package source to represent parent
    Trace(2012-Jul-25 19:03:25): Create package source to represent local cache
    Trace(2012-Jul-25 19:03:25): SDDSUpdateLocation::Constructor finished

    If not, please tell me where to take a look?

    Kiril

    :27337
  • 0

    Hello Kiril,

    thanks. Close, it shows that downloading AutoUpdate from your server failed and in the last lines it starts trying Sophos - which suggests that Sophos is set a secondary update location. As the update cycle is not finished at this point there must be additional lines and one of them should read SDDSUpdate(SyncProduct.Start): SAVXP, Sophos. The following lines should show that it successfully contacted Sophos (might be that at this time there was nothing to download though - if you go back to the log which contains the actions around 15:03 you should see that something has be done).

    If it successfully updates from Sophos this would explain a) that Sophos is indeed current and correctly displayed in WSC as such and b) you nevertheless get the failed message because of Trace(2012-Jul-25 19:03:25): ALUpdate(ProductUnavailable): RMSNT, Sophos. RMS (the management component) can't be updated from Sophos so this is not actually an error (I use to say it's a gentle reminder from Sophos that the clients should update from the site's infrastructure :smileywink:).

    Christian

    :27339
  • 0

    Hi Christian,

    The following lines, up to the end are:

    Trace(2012-Jul-25 19:03:25): TrySyncProduct, Calling BeginSync
    Trace(2012-Jul-25 19:03:26): Opened catalogue!
    Trace(2012-Jul-25 19:03:26): Attempting to synchronise load balancing and redirection files
    Trace(2012-Jul-25 19:03:26): Failed to synchronise load balancing and redirection files: Sophos is not an SDDS warehouse for product SDDS
    Trace(2012-Jul-25 19:03:26): TrySyncProduct<class AutoUpdate::SDDSUpdateLocation>, Calling SyncProduct with {E17FE03B-0501-4aaa-BC69-0129D965F311}
    Trace(2012-Jul-25 19:03:26): SDDSUpdate(SyncProduct.Start): SAVXP, Sophos
    Trace(2012-Jul-25 19:03:26): Finding minimum download, this version = 318 with size 42999123
    Trace(2012-Jul-25 19:03:27): Finding minimum download, this version = 319 with size 37971590
    Trace(2012-Jul-25 19:03:27): Finding minimum download, this version = 320 with size 23185157
    Trace(2012-Jul-25 19:03:27): Finding minimum download, this version = 321 with size 17511189
    Trace(2012-Jul-25 19:03:27): Finding minimum download, this version = 322 with size 0
    Trace(2012-Jul-25 19:03:27): Finding minimum download, this version = 323 with size 11666954
    Trace(2012-Jul-25 19:03:28): Finding minimum download, this version = 324 with size 14868495
    Trace(2012-Jul-25 19:03:28): SDDSUpdateLocation: Requesting version 322
    Trace(2012-Jul-25 19:03:28): Synching version 322.547 of {E17FE03B-0501-4aaa-BC69-0129D965F311}
    Trace(2012-Jul-25 19:03:28): calculating decode signature for E17FE03B-0501-4aaa-BC69-0129D965F311 with a product entry of 932510d91741a2e30b5fef4398043d01x000
    Trace(2012-Jul-25 19:03:28): and a version entry of 1a57533748e43215a76f77ef7adfbe61x000
    Trace(2012-Jul-25 19:03:28): SDDSUpdate(PrimarySuccess):
    Trace(2012-Jul-25 19:03:28): TrySyncProduct<class AutoUpdate::SDDSUpdateLocation>, SyncProduct returned - 1
    Trace(2012-Jul-25 19:03:28): TrySyncProduct<class AutoUpdate::SDDSUpdateLocation>, Ended - 1
    Trace(2012-Jul-25 19:03:28): UpdateLocationFacade::SyncProduct: Last Update Mechanism = SDDS
    Trace(2012-Jul-25 19:03:28): SDDSUpdate(SyncProduct.Start): Sophos AutoUpdate, Sophos
    Trace(2012-Jul-25 19:03:28): Finding minimum download, this version = 304 with size 3271299
    Trace(2012-Jul-25 19:03:29): Finding minimum download, this version = 309 with size 0
    Trace(2012-Jul-25 19:03:29): SDDSUpdateLocation: Requesting version 309
    Trace(2012-Jul-25 19:03:29): Synching version 309.0 of {9BF40A4E-23AE-48be-9974-5A1F261DBEE8}
    Trace(2012-Jul-25 19:03:29): calculating decode signature for 9BF40A4E-23AE-48be-9974-5A1F261DBEE8 with a product entry of 2a272fb034c76ae744d3901ae50f7731x000
    Trace(2012-Jul-25 19:03:29): and a version entry of 285ae27099c99be770a07225539ee422x000
    Trace(2012-Jul-25 19:03:29): SDDSUpdate(PrimarySuccess):
    Trace(2012-Jul-25 19:03:29): ALUpdate(DownloadEnded):
    Trace(2012-Jul-25 19:03:29): UpdateCoordinator::UpdateNow: About to Action list of products
    Trace(2012-Jul-25 19:03:29): ALUpdate(Action.Skipped): SAVXP
    Trace(2012-Jul-25 19:03:29): ALUpdate(Action.Skipped): Sophos AutoUpdate
    Trace(2012-Jul-25 19:03:30): RMSMessageHandler: ALUpdateEnd
    Trace(2012-Jul-25 19:03:30): Sending message: <?xml version="1.0" encoding="utf-8" ?><Config type="RMSEndUpdate"><ErrorMessage><ID>CIDDownloadFailed</ID><StringID>107</StringID><Sender>CIDUpdate</Sender><Insert>Sophos AutoUpdate</Insert><Insert>\\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\</Insert></ErrorMessage><ReadableMessage>ERROR: Download of Sophos AutoUpdate failed from server \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\</ReadableMessage></Config>
    Trace(2012-Jul-25 19:03:30): IPCSender::Write: Writing message: <?xml version="1.0" encoding="utf-8" ?><Config type="RMSEndUpdate"><ErrorMessage><ID>CIDDownloadFailed</ID><StringID>107</StringID><Sender>CIDUpdate</Sender><Insert>Sophos AutoUpdate</Insert><Insert>\\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\</Insert></ErrorMessage><ReadableMessage>ERROR: Download of Sophos AutoUpdate failed from server \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\</ReadableMessage></Config>
    Trace(2012-Jul-25 19:03:30): IPCSender::ProcessSend: Send message: <?xml version="1.0" encoding="utf-8" ?><Config type="RMSEndUpdate"><ErrorMessage><ID>CIDDownloadFailed</ID><StringID>107</StringID><Sender>CIDUpdate</Sender><Insert>Sophos AutoUpdate</Insert><Insert>\\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\</Insert></ErrorMessage><ReadableMessage>ERROR: Download of Sophos AutoUpdate failed from server \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\</ReadableMessage></Config>
    Trace(2012-Jul-25 19:03:30): IPCSender::ProcessSend: No messages in queue, starting to wait
    Trace(2012-Jul-25 19:03:31): IPCSender::ProcessSend exiting

    I saw in couple of times the word "success" so I hope its what we both expect? :)

    Kiril

    :27343
  • 0

    Hello Kiril,

    looks like it successfully verfied with Sophos that it is up to date (can't say why it does this for version 322 - VDL4.77 - and not 324 but hey, I've never actually used updating from Sophos let alone had to troubleshoot it).

    That it nevertheless constructs the error messages is correct as it has to tell you that the Primary location failed.

    I'd say it looks ok

    Christian

    :27347